Laptops, USB flash memory sticks, and other mobile computing devices greatly facilitate on-the-go productivity and the transport, storage, sharing, and mobile use of information. Unfortunately, their mobile nature and small form factors also make them highly susceptible to loss or theft. As example statistics, one in ten laptops is lost or stolen within a year of purchase, 600,000 laptops are lost annually in U.S. airports alone, and dry cleaners in the U.K. found over 4,000 USB sticks in pockets in 2009. The loss of such devices is most concerning for organizations and individuals storing confidential information, such as medical records, social security numbers (SSNs), and banking information.
Conventional wisdom suggests that standard encryption systems, such as BitLocke™ from Microsoft®, PGP® Whole Disk Encryption from Symantee™ and TrueCrypt from the TrueCrypt Foundation, can protect confidential information. Unfortunately, encryption alone is sometimes insufficient to meet users' needs, for at least two reasons. Firstly, traditional encryption systems can and do fail in the world of real users. As described in the seminal paper “Why Johnny Can't Encrypt”, security and usability are often at odds. Users find it difficult to create, remember, and manage passphrases or keys. As an example, a password-protected USB stick containing private medical information about prison inmates was lost along with a sticky note revealing its password. Encrypted file systems often rely on a locally stored key that is protected by a user's passphrase. User passphrases are known to be insecure; a recent study of consumer Web passwords found the most common one to be “123456”. Finally, in the hands of a motivated data thief, devices are open to physical attacks on memory or cold-boot attacks to retrieve passphrases or keys. Even physical attacks on trusted platform modules (TPMs) and “tamper-resistant” hardware are possible.
Secondly, when encryption fails, it fails silently; that is, an unauthorized user might circumvent the encryption without the data owner ever learning of the access. The use of conventional encryption can therefore lead mobile device owners into a false sense of protection. For example, a hospital losing a laptop with encrypted patient information might not notify patients of its loss, even if the party finding the device has circumvented the encryption and accessed that information.